2 matches found
CVE-2018-10758
The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action that can delete articles...
CVE-2018-10758
The CVE-2018-10758 entry concerns Datenstrom Yellow 0.7.3, where the edit/ URI is vulnerable to CSRF via a delete action that can delete articles. The core issue is a CSRF flaw in the edit endpoint that allows unauthorized deletion of content, implying that an attacker could induce a logged-in us...